package com.sharp.authorization.controller.login;

import com.sharp.authorization.annotation.auth.Auth;
import com.sharp.authorization.annotation.msg.MsgCodeVerify;
import com.sharp.authorization.constants.token.ChangePasswordTokenItemConst;
import com.sharp.authorization.constants.token.TokenTypeConst;
import com.sharp.authorization.service.login.ChangePasswordService;
import com.sharp.authorization.service.login.LoginService;
import com.sharp.authorization.service.token.TokenService;
import com.sharp.authorization.vo.login.pwd.ChangePasswordReq;
import com.sharp.authorization.vo.login.pwd.MsgChangePasswordReq;
import com.sharp.kernel.config.response.Response;
import com.sharp.kernel.config.response.ResponseHandler;
import com.sharp.kernel.constant.err.ErrCodeSys;
import com.sharp.kernel.validate.Validator;
import com.sharp.kernel.vo.common.CommonResVO;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import javax.annotation.Resource;

/**
 * Title: ChangePasswordController
 * Description: Copyright: Copyright (c) 2019 Company: BHFAE
 *
 * @author Sharp
 * @date 2020/4/18 11:58
 * @description Project Name: Mall
 * @Package: com.srct.service.account.controller.login
 */
@Auth
@Api(value = "更换密码", tags = "用户账户操作-更换密码")
@RestController("ChangePasswordController")
@RequestMapping(value = "/changePwd")
public class ChangePasswordController {

    @Resource
    private TokenService tokenService;
    @Resource
    private ChangePasswordService changePasswordService;
    @Resource
    private LoginService loginService;

    @ApiOperation(value = "通过短信更换密码", notes = "修改密码")
    @RequestMapping(value = "/msg", method = RequestMethod.POST)
    @ApiImplicitParams({
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "phoneNumber", value = "手机号码",
                    required = true),
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "msgCode", value = "短信验证码", required =
                    true),
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "password", value = "新密码", required =
                    true),
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "passwordConfirm", value = "确认密码",
                    required = true)})
    @MsgCodeVerify("FIND_PASSWORD_MSG_CODE")
    public ResponseEntity<Response<CommonResVO>> changePwdByMsg(MsgChangePasswordReq req) {
        Validator.assertTrue(StringUtils.equals(req.getPassword(), req.getPasswordConfirm()), ErrCodeSys.PA_DATA_DIFF, "密码");
        changePasswordService.changePasswordByMsgCode(req.getPhoneNumber(), req.getPassword());
        return ResponseHandler.commonResponse();
    }

    @ApiOperation(value = "通过邮箱更换密码", notes = "修改密码")
    @RequestMapping(value = "/email", method = RequestMethod.POST)
    @ApiImplicitParams({
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "userId", value = "用户名", required =
                    true),
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "email", value = "注册邮箱", required =
                    true)})
    public ResponseEntity<Response<CommonResVO>> changePwdByEmail(String userId, String email) {
        changePasswordService.emailChangeReq(userId, email);
        return ResponseHandler.commonResponse();
    }

    @ApiOperation(value = "验证修改密码token有效", notes = "修改密码")
    @RequestMapping(value = "/token", method = RequestMethod.POST)
    @ApiImplicitParams({
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "token", value = "邮箱验证token", required =
                    true),
            @ApiImplicitParam(paramType = "query", dataType = "String", name = "userId", value = "用户名", required =
                    true)})
    public ResponseEntity<Response<CommonResVO>> verifyChangePwdToken(String token, String userId) {
        String tokenType = tokenService.getTokenType(token);
        Validator.assertTrue(StringUtils.equals(tokenType, TokenTypeConst.CHANGE_PWD_TOKEN.name()),
                ErrCodeSys.PA_DATA_DIFF, "安全令牌类型");
        String operator = tokenService.getItem(token, ChangePasswordTokenItemConst.USER_ID.name(), String.class);
        Validator.assertTrue(StringUtils.equals(operator, userId), ErrCodeSys.PA_DATA_DIFF, "用户");
        return ResponseHandler.commonResponse();
    }

    @ApiOperation(value = "确认修改密码", notes = "修改密码")
    @RequestMapping(value = "", method = RequestMethod.POST)
    public ResponseEntity<Response<CommonResVO>> emailRegisterConfirm(@RequestBody ChangePasswordReq req) {
        String userId = tokenService.getItem(req.getToken(), ChangePasswordTokenItemConst.USER_ID.name(), String.class);
        Validator.assertTrue(StringUtils.equals(userId, req.getUserId()), ErrCodeSys.PA_DATA_DIFF, "访问用户");
        Validator.assertTrue(StringUtils.equals(req.getPassword(), req.getPasswordConfirm()), ErrCodeSys.PA_DATA_DIFF
                , "密码");
        Boolean init = tokenService.getItem(req.getToken(), ChangePasswordTokenItemConst.INIT.name(), Boolean.class);
        String email = tokenService.getItem(req.getToken(), ChangePasswordTokenItemConst.EMAIL.name(), String.class);
        if (init) {
            loginService.register(req.getUserId(), req.getPassword(), email);
        } else {
            changePasswordService.changePassword(req.getUserId(), req.getPassword());
        }
        tokenService.removeToken(req.getToken());
        return ResponseHandler.commonResponse("修改密码成功");
    }

}
